<?php
/*
	Copyright 2006, 2007, 2008, 2009, 2010 Bastiaan Grutters
    
    This file is part of Ages of Strife website.

    Ages of Strife website is free software: you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation, either version 3 of the License, or
    (at your option) any later version.

    Ages of Strife website is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with Ages of Strife website.  If not, see <http://www.gnu.org/licenses/>.
 */
if (!isset ($_SESSION)) {
	session_start();
}
global $show_ads, $premium, $language, $dal;

if (!isset ($show_ads)) {
	$show_ads = true;
}
if (!isset ($premium)) {
	$premium = -1;
}
$dal = new DatabaseAbstractionLayer();
// Set the database abstraction layer to use the same debug setting as used in the config
$dal->setDebug( DEBUG );

if ( isset( $_SESSION['secret_key'] ) && $_SESSION['secret_key'] == "G5x2FA1s6") {
	if (isset ($_SESSION['ruler_id']) && isset ($_SESSION['password'])) {
		$query = "SELECT count(*) " .
				"FROM users " .
				"JOIN ruler ON ruler.user_id = users.user_id " .
				"WHERE ruler_id = " . $_SESSION['ruler_id'] . " AND password = '" . $_SESSION['password'] . "'";
		$result = mysql_query($query) or die("Query failed : " . mysql_error());
		$row = mysql_fetch_array($result, MYSQL_ASSOC);
		if ($row['count(*)'] == 1) {

			$query = "SELECT turn, gameurl FROM game";
			$result = mysql_query($query) or die("Query failed : " . mysql_error());
			$row = mysql_fetch_array($result, MYSQL_ASSOC);
			if (strstr("http://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], $row['gameurl']) === FALSE) {
				header("Location: " . $row['gameurl']);
			} else {
				$game_turn = $row['turn'];
				$query = "SELECT active_turn FROM ruler WHERE ruler_id = " . $_SESSION['ruler_id'];
				$result = mysql_query($query) or die("Query failed : " . mysql_error());
				$row = mysql_fetch_array($result, MYSQL_ASSOC);
				if ($row['active_turn'] != $game_turn) {
					$query = "UPDATE ruler SET active_turn = $game_turn WHERE ruler_id = " . $_SESSION['ruler_id'];
					$result = mysql_query($query) or die("Query failed : " . mysql_error());
				}

				$query = "SELECT premium, language FROM users WHERE user_id = " . $_SESSION['user_id'];
				$result = mysql_query($query) or die("Query failed : " . mysql_error());
				$row = mysql_fetch_array($result, MYSQL_ASSOC);
				$premium = $row['premium'];
				$language = $row['language'];
				if ($premium > 0) {
					$show_ads = false;
				}
				ob_start('ob_gzhandler()');
			}
		} else {
			$query = "SELECT count(*) FROM users JOIN ruler ON ruler.user_id = users.user_id WHERE users.user_id = " . $_SESSION['user_id'] . " AND password = '" . $_SESSION['password'] . "' AND admin = 1";
			$result = mysql_query($query) or die("Query failed : " . mysql_error());
			$row = mysql_fetch_array($result, MYSQL_ASSOC);
			if ($row['count(*)'] == 1) {
				$query = "SELECT premium, language FROM users WHERE user_id = " . $_SESSION['user_id'];
				$result = mysql_query($query) or die("Query failed : " . mysql_error());
				$row = mysql_fetch_array($result, MYSQL_ASSOC);
				$premium = $row['premium'];
				$language = $row['language'];
				if ($premium > 0) {
					$show_ads = false;
				}
				ob_start('ob_gzhandler()');
			} else {
				header("Location: ../index.php");
			}
		}
	}
	elseif (isset ($_SESSION['user_id']) && isset ($_SESSION['password'])) {
		$query = "SELECT count(*) FROM users WHERE user_id = " . $_SESSION['user_id'] . " AND password = '" . $_SESSION['password'] . "'";
		$result = mysql_query($query) or die("Query failed : " . mysql_error());
		$row = mysql_fetch_array($result, MYSQL_ASSOC);
		if ($row['count(*)'] == 1) {
			$query = "SELECT premium, language, verified FROM users WHERE user_id = " . $_SESSION['user_id'];
			$result = mysql_query($query) or die("Query failed : " . mysql_error());
			$row = mysql_fetch_array($result, MYSQL_ASSOC);
			if( $row[ 'verified' ] == 1 ) {
				$premium = $row['premium'];
				$language = $row['language'];
				ob_start('ob_gzhandler()');
			}
			else {
				header("Location: ../global/email_verification.php");
			}
		} else {
			header("Location: ../index.php");
		}
	} else {
		header("Location: ../index.php");
	}
} else {
	header("Location: ../index.php");
}
?>
